Delivery practice of private PAAS platform based on cloud native

  
 
 

   
  
  
 author ： Niu yufu , Expert engineer of a well-known Internet company . Like open source  /  Share enthusiastically , Yes  K8s  And  golang  The gateway has a more in-depth study .
  
 
 

This article will explain how to use cloud native to solve the problems in privatization delivery , And then build a PaaS platform , Improve the reusability of the business platform . Before we get to business , It is necessary to clarify two key words ：

  

• PaaS platform ： Multiple core business services are encapsulated as an overall platform , Provide services in the form of platform .  
  
• Privatization delivery ： The platform needs to be deployed in a private cloud environment , It can still work in the face of no network .
  

Traditional delivery pain points

Pictured above ： Private cloud will have clear security requirements

  

• Private cloud services cannot connect to the Internet , Data can only be ferried to the private cloud of the intranet through a one-way gateway .  
  
• The source code can only be stored in the company computer room , Private cloud only deploys compiled files .  
  
• The service will iterate irregularly , In addition, in order to ensure the stability of services, we need to build independent business monitoring .
  

Based on the above requirements, there are probably several challenges ：

  

• Poor architecture portability ： The configuration between services is complex , Many heterogeneous languages need to modify the configuration file , No fixed service DNS.  
  
• The cost of deployment, operation and maintenance is high ： The service dependent environment needs to support offline installation , Service update needs to be completed manually by local operation and maintenance personnel , In a complicated scene , A complete deployment probably requires Several people / month Time for .  
  
• The cost of monitoring operation and maintenance is high ： Monitoring needs to support system level / Service level / Business level monitoring , The notification method needs to support SMS 、Webhook Etc .
  

Architecture

Our principle is Embrace cloud nativity and reuse existing capabilities , It is possible to use the existing and mature technical solutions in the industry . We use KubeSphere+K8S As a service choreography , In consideration of safety and simplicity Syncd Complete secondary development DevOps Ability , The monitoring system adopts Nightingale+Prometheus programme .
As shown in the above diagram

  

• Inside the blue box is our bottom PaaS colony , We have unified the service arrangement and upgrading of business services and General Services , To solve the problem of poor architecture migration .  
  
• In the red frame , Monitoring system exists as a form of scheduling service , All monitoring items shall be configured before delivery . To solve the problem of high operation and maintenance cost of monitoring system .  
  
• Inside the purple box , The service container can automatically pull and deploy across network segments . To solve the problem of high cost of service deployment .
  

Now we will introduce these three parts .
Service Orchestration ：KubeSphere
KubeSphere Our vision is to build a K8s Cloud native distributed operating system for kernel , Its architecture makes it very convenient for third-party applications to plug and play with cloud native ecological components （plug-and-play） Integration of , Support the unified distribution and operation and maintenance management of cloud native applications in multi cloud and multi cluster , It also has an active community .
KubeSphere The reasons for model selection are as follows ：
Customize your own privatization delivery plan based on products
Privatize image file packaging
Create product list :

  
 
 

   
  
  
apiVersion: kubekey.kubesphere.io/v1alpha2
   
  
  
kind: Manifest
   
  
  
metadata:
   
  
  
 name: sample
   
  
  
spec:
   
  
  
 arches:
   
  
  
 - amd64
   
  
  
...
   
  
  
 - type: kubernetes
   
  
  
 version: v1.21.5
   
  
  
 components:
   
  
  
 helm:
   
  
  
 version: v3.6.3
   
  
  
 cni:
   
  
  
 version: v0.9.1
   
  
  
 etcd:
   
  
  
 version: v3.4.13
   
  
  
 containerRuntimes:
   
  
  
 - type: docker
   
  
  
 version: 20.10.8
   
  
  
 crictl:
   
  
  
 version: v1.22.0
   
  
  
 harbor:
   
  
  
 version: v2.4.1
   
  
  
 docker-compose:
   
  
  
 version: v2.2.2
   
  
  
 images:
   
  
  
 - dockerhub.kubekey.local/kubesphere/kube-apiserver:v1.22.1
   
  
  
...
  
 
 

Then we can export by command .

  
 
 

   
  
  
$ ./kk artifact export -m manifest-sample.yaml -o kubesphere.tar.gz
  
 
 

Privatization deployment
Create deployment manifest ：

  
 
 

   
  
  
apiVersion: kubekey.kubesphere.io/v1alpha2
   
  
  
kind: Cluster
   
  
  
metadata:
   
  
  
 name: sample
   
  
  
spec:
   
  
  
 hosts:
   
  
  
 - {name: kubesphere01.ys, address: 10.89.3.12, internalAddress: 10.89.3.12, user: kubesphere, password: "Kubesphere123"}
   
  
  
 - {name: kubesphere02.ys, address: 10.74.3.25, internalAddress: 10.74.3.25, user: kubesphere, password: "Kubesphere123"}
   
  
  
 - {name: kubesphere03.ys, address: 10.86.3.66, internalAddress: 10.86.3.66, user: kubesphere, password: "Kubesphere123"}
   
  
  
 - {name: kubesphere04.ys, address: 10.86.3.67, internalAddress: 10.86.3.67, user: kubesphere, password: "Kubesphere123"}
   
  
  
 - {name: kubesphere05.ys, address: 10.86.3.11, internalAddress: 10.86.3.11, user: kubesphere, password: "Kubesphere123"}
   
  
  
 roleGroups:
   
  
  
 etcd:
   
  
  
 - kubesphere01.py
   
  
  
 - kubesphere02.py
   
  
  
 - kubesphere03.py
   
  
  
 control-plane:
   
  
  
 - kubesphere01.py
   
  
  
 - kubesphere02.py
   
  
  
 - kubesphere03.py
   
  
  
 worker:
   
  
  
 - kubesphere05.py
   
  
  
 registry:
   
  
  
 - kubesphere04.py
   
  
  
 controlPlaneEndpoint:
   
  
  
 internalLoadbalancer: haproxy
   
  
  
 domain: lb.kubesphere.local
   
  
  
 address: ""
   
  
  
 port: 6443
   
  
  
 kubernetes:
   
  
  
 version: v1.21.5
   
  
  
 clusterName: cluster.local
   
  
  
 network:
   
  
  
 plugin: calico
   
  
  
 kubePodsCIDR: 10.233.64.0/18
   
  
  
 kubeServiceCIDR: 10.233.0.0/18
   
  
  
 multusCNI:
   
  
  
 enabled: false
   
  
  
 registry:
   
  
  
 type: harbor
   
  
  
 auths:
   
  
  
 "dockerhub.kubekey.local":
   
  
  
 username: admin
   
  
  
 password: Kubesphere123
   
  
  
...
  
 
 

Perform installation deployment ：

  
 
 

   
  
  
$ ./kk create cluster -f config-sample.yaml -a kubesphere.tar.gz --with-packages --with-kubesphere --skip-push-images
  
 
 

There are a lot of complex K8s Deploy 、 High availability solution 、Harbor Privatize the image warehouse , Can complete automatic installation , It greatly simplifies the privatization delivery scenario K8s Difficulty of component deployment .
The visual interface greatly simplifies the operation process

  

• Create deployment ： Pipeline creation of a container service deployment 、 Storage 、 Service access .
  

  

• Resource constraints ： Limit the resource utilization of containers & Limit tenant resource utilization .
  

  

• Remote login ： Container remote login function .
  

be based on KubeSphere Business deployment experience sharing
Build high availability service instance deployment in the privatization scenario , The hanging up of the guarantee form instance does not affect the overall use , We need to ensure the following .
1、 Because services need to have fixed network identification and storage , So we need to create “ Stateful replica set deployment ”.

  
 
 

   
  
  
apiVersion: apps/v1
   
  
  
kind: StatefulSet
   
  
  
metadata:
   
  
  
 namespace: project
   
  
  
 name: ${env_project_name}
   
  
  
 labels:
   
  
  
 app: ${env_project_name}
   
  
  
spec:
   
  
  
 serviceName: ${env_project_name}
   
  
  
 replicas: 1
   
  
  
 selector:
   
  
  
 matchLabels:
   
  
  
 app: ${env_project_name}
   
  
  
 template:
   
  
  
 metadata:
   
  
  
 labels:
   
  
  
 app: ${env_project_name}
   
  
  
 spec:
   
  
  
 containers:
   
  
  
 - name: ${env_project_name}
   
  
  
 image: ${env_image_path}
   
  
  
 imagePullPolicy: IfNotPresent
  
 
 

2、 Stateful replica sets use host Anti affinity ensures that services are distributed to different host in .

  
 
 

   
  
  
....
   
  
  
affinity:
   
  
  
 podAntiAffinity:
   
  
  
 preferredDuringSchedulingIgnoredDuringExecution:
   
  
  
 - weight: 100
   
  
  
 podAffinityTerm:
   
  
  
 labelSelector:
   
  
  
 matchExpressions:
   
  
  
 - key: app
   
  
  
 operator: In
   
  
  
 values:
   
  
  
 - ${env_project_name}
   
  
  
 topologyKey: kubernetes.io/hostname
   
  
  
....
  
 
 

3、 The mutual calls between services use K8s At the bottom DNS To configure .

4、 When the cluster depends on external resources, it needs to be set to Service, Then provide services internally .

  
 
 

   
  
  
kind: Endpoints
   
  
  
apiVersion: v1
   
  
  
metadata:
   
  
  
 name: redis-cluster
   
  
  
 namespace: project
   
  
  
subsets:
   
  
  
 - addresses:
   
  
  
 - ip: 10.86.67.11
   
  
  
 ports:
   
  
  
 - port: 6379
   
  
  
---
   
  
  
kind: Service
   
  
  
apiVersion: v1
   
  
  
metadata:
   
  
  
 name: redis-cluster
   
  
  
 namespace: project
   
  
  
spec:
   
  
  
 ports:
   
  
  
 - protocol: TCP
   
  
  
 port: 6379
   
  
  
 targetPort: 6379
  
 
 

5、 With the help of nip.io Domain name implementation service dynamic domain name resolution debugging . nip.io It can be automatically set according to the requested domain name IP Information , Complete the response IP Information mapping .

  
 
 

   
  
  
$ nslookup abc-service.project.10.86.67.11.nip.io
   
  
  
Server: 169.254.25.10
   
  
  
Address: 169.254.25.10:53
   
  
  
Non-authoritative answer:
   
  
  
Name: abc-service.project.10.86.67.11.nip.io
   
  
  
Address: 10.86.67.11
  
 
 

So we can build Ingress Use this domain name directly ：

  
 
 

   
  
  
---
   
  
  
kind: Ingress
   
  
  
apiVersion: networking.k8s.io/v1
   
  
  
metadata:
   
  
  
 name: gatekeeper
   
  
  
 namespace: project
   
  
  
spec:
   
  
  
 rules:
   
  
  
 - host: gatekeeper.project.10.86.67.11.nip.io
   
  
  
 http:
   
  
  
 paths:
   
  
  
 - path: /
   
  
  
 pathType: ImplementationSpecific
   
  
  
 backend:
   
  
  
 service:
   
  
  
 name: gatekeeper
   
  
  
 port:
   
  
  
 number: 8000
  
 
 

6、 Mount the directory to the host , Sometimes, the container needs to be directly associated with the host directory. The specific operations are as follows .

  
 
 

   
  
  
...
   
  
  
spec:
   
  
  
 spec:
   
  
  
...
   
  
  
 volumeMounts:
   
  
  
 - name: vol-data
   
  
  
 mountPath: /home/user/data1
   
  
  
 volumes:
   
  
  
 - name: vol-data
   
  
  
 hostPath:
   
  
  
 path: /data0
  
 
 

7、 Stateful deployment workload , Mainly involves StatefulSet、Service、volumeClaimTemplates、Ingress, Examples are as follows ：

  
 
 

   
  
  
apiVersion: apps/v1
   
  
  
kind: StatefulSet
   
  
  
metadata:
   
  
  
 namespace: project
   
  
  
 name: gatekeeper
   
  
  
 labels:
   
  
  
 app: gatekeeper
   
  
  
spec:
   
  
  
 serviceName: gatekeeper
   
  
  
 replicas: 1
   
  
  
 selector:
   
  
  
 matchLabels:
   
  
  
 app: gatekeeper
   
  
  
 template:
   
  
  
 metadata:
   
  
  
 labels:
   
  
  
 app: gatekeeper
   
  
  
 spec:
   
  
  
 containers:
   
  
  
 - name: gatekeeper
   
  
  
 image: dockerhub.kubekey.local/project/gatekeeper:v362
   
  
  
 imagePullPolicy: IfNotPresent
   
  
  
 ports:
   
  
  
 - name: http-8000
   
  
  
 containerPort: 8000
   
  
  
 protocol: TCP
   
  
  
 - name: http-8080
   
  
  
 containerPort: 8080
   
  
  
 protocol: TCP
   
  
  
 resources:
   
  
  
 limits:
   
  
  
 cpu: '2'
   
  
  
 memory: 4Gi
   
  
  
 volumeMounts:
   
  
  
 - name: vol-data
   
  
  
 mountPath: /home/user/data1
   
  
  
 affinity:
   
  
  
 podAntiAffinity:
   
  
  
 preferredDuringSchedulingIgnoredDuringExecution:
   
  
  
 - weight: 100
   
  
  
 podAffinityTerm:
   
  
  
 labelSelector:
   
  
  
 matchExpressions:
   
  
  
 - key: app
   
  
  
 operator: In
   
  
  
 values:
   
  
  
 - gatekeeper
   
  
  
 topologyKey: kubernetes.io/hostname
   
  
  
 volumeClaimTemplates:
   
  
  
 - metadata:
   
  
  
 name: vol-data
   
  
  
 spec:
   
  
  
 accessModes: [ "ReadWriteOnce" ]
   
  
  
 resources:
   
  
  
 requests:
   
  
  
 storage: 10Gi
   
  
  
---
   
  
  
apiVersion: v1
   
  
  
kind: Service
   
  
  
metadata:
   
  
  
 name: gatekeeper
   
  
  
 namespace: project
   
  
  
 labels:
   
  
  
 app: gatekeeper
   
  
  
spec:
   
  
  
 ports:
   
  
  
 - name: "http-8000"
   
  
  
 protocol: TCP
   
  
  
 port: 8000
   
  
  
 targetPort: 8000
   
  
  
 - name: "http-8080"
   
  
  
 protocol: TCP
   
  
  
 port: 8080
   
  
  
 targetPort: 8080
   
  
  
 selector:
   
  
  
 app: gatekeeper
   
  
  
 type: NodePort
   
  
  
---
   
  
  
kind: Ingress
   
  
  
apiVersion: networking.k8s.io/v1
   
  
  
metadata:
   
  
  
 name: gatekeeper
   
  
  
 namespace: project
   
  
  
spec:
   
  
  
 rules:
   
  
  
 - host: gatekeeper.project.10.86.67.11.nip.io
   
  
  
 http:
   
  
  
 paths:
   
  
  
 - path: /
   
  
  
 pathType: ImplementationSpecific
   
  
  
 backend:
   
  
  
 service:
   
  
  
 name: gatekeeper
   
  
  
 port:
   
  
  
 number: 8000
   
  
  
 - host: gatekeeper.project.10.86.68.66.nip.io
   
  
  
 http:
   
  
  
 paths:
   
  
  
 - path: /
   
  
  
 pathType: ImplementationSpecific
   
  
  
 backend:
   
  
  
 service:
   
  
  
 name: gatekeeper
   
  
  
 port:
   
  
  
 number: 8080
  
 
 

DevOps： be based on Syncd Build automated service delivery
DevOps There are many models , Here we do not use Jenkins、GitRunner wait , Instead, we used something familiar within our team Syncd Secondary development . For two reasons ：

  

• On safety grounds ： Our source code cannot be stored locally , So based on the gitlab Build packaged solutions , It's not very useful for us , Use is a waste of resources .  
  
• Functional simplicity ： although Syncd It's stopped 2 More than years, but , But its core CICD The functions are relatively complete and the front and back ends are highly expandable , We can easily expand the corresponding functions .
  

Syncd The core idea ：

  

• Build packaged images from using local toolchains , Here we can put docker push As git push understand .  
  
• adopt Syncd Pull the image package to complete the deployment process, package and go online , Set the version number during packaging to facilitate service rollback .
  

Build local tool chains
1、 Create a directory based on the project

  
 
 

   
  
  
# Create directory 
   
  
  
cd /Users/niuyufu/goproject/abc-service
   
  
  
mkdir -p devops
   
  
  
cd devops
  
 
 

2、 Import Dockerfile, You can create your own business . 3、 establish tool.sh file

  
 
 

   
  
  
cat >> tool.sh << EOF
   
  
  
#!/bin/sh
   
  
  
 
   
  
  
########### Configuration area ##############
   
  
  
 
   
  
  
# Module name , Changeable 
   
  
  
module=abc-service
   
  
  
# Project name 
   
  
  
project=project1
   
  
  
# Container name 
   
  
  
container_name=${project}"_"${module}
   
  
  
# Image name 
   
  
  
image_name=${project}"/"${module}
   
  
  
# Service port mapping ： Host port : Container port , Multiple comma intervals 
   
  
  
port_mapping=8032:8032
   
  
  
# Mirror image hub Address 
   
  
  
image_hub=dockerhub.kubekey.local
   
  
  
# Mirror image tag
   
  
  
image_tag=latest
   
  
  
 
   
  
  
########### Configuration area ##############
   
  
  
 
   
  
  
# Building tools 
   
  
  
action=$1
   
  
  
case $action in
   
  
  
"docker_push")
   
  
  
 image_path=${image_hub}/${image_name}:${image_tag}
   
  
  
 docker tag ${image_name}:${image_tag} ${image_path}
   
  
  
 docker push ${image_path}
   
  
  
 echo " Image push completed ,image_path: "${image_path}
   
  
  
 ;;
   
  
  
"docker_login")
   
  
  
 container_id=$(docker ps -a | grep ${container_name} | awk '{print $1}')
   
  
  
 docker exec -it ${container_id} /bin/sh
   
  
  
 ;;
   
  
  
"docker_stop")
   
  
  
 docker ps -a | grep ${container_name} | awk '{print $1}' | xargs docker stop
   
  
  
 container_id=`docker ps -a | grep ${container_name} | awk '{print $1}' | xargs docker rm`
   
  
  
 if [ "$container_id" != "" ];then
   
  
  
 echo " Container closed ,container_id: "${container_id}
   
  
  
 fi
   
  
  
 
   
  
  
 if [ "$images_id" != "" ];then
   
  
  
 docker rmi ${images_id}
   
  
  
 fi
   
  
  
 
   
  
  
 ;;
   
  
  
"docker_run")
   
  
  
 docker ps -a | grep ${container_name} | awk '{print $1}' | xargs docker stop
   
  
  
 docker ps -a | grep ${container_name} | awk '{print $1}' | xargs docker rm
   
  
  
 port_mapping_array=(${port_mapping//,/ })
   
  
  
 # shellcheck disable=SC2068
   
  
  
 for var in ${port_mapping_array[@]}; do
   
  
  
 port_mapping_str=${mapping_str}" -p "${var}
   
  
  
 done
   
  
  
 container_id=$(docker run -d ${port_mapping_str} --name=${container_name} ${image_name})
   
  
  
 echo " Container started ,container_id: "${container_id}
   
  
  
 ;;
   
  
  
"docker_build")
   
  
  
 if [ ! -d "../output" ]; then
   
  
  
 echo "../output  Folder does not exist , Please perform  ../build.sh"
   
  
  
 exit 1
   
  
  
 fi
   
  
  
 cp -rf ../output ./
   
  
  
 docker build -f Dockerfile -t ${image_name} .
   
  
  
 rm -rf ./output
   
  
  
 echo " Image compiled successfully ,images_name: "${image_name}
   
  
  
 ;;
   
  
  
*)
   
  
  
 echo " You can run the command :
   
  
  
docker_build  Image compilation , rely on ../output  Folder 
   
  
  
docker_run  Container start up , rely on  docker_build
   
  
  
docker_login  Container login , rely on  docker_run
   
  
  
docker_push  Image push , rely on  docker_build"
   
  
  
 exit 1
   
  
  
 ;;
   
  
  
esac
   
  
  
EOF
  
 
 

4、 Perform project packaging , Please make sure that the output is ./output in

  
 
 

   
  
  
$cd ~/goproject/abc-service/
   
  
  
$sh build.sh
   
  
  
abc-service build ok
   
  
  
make output ok
   
  
  
build done
  
 
 

5、 utilize tool.sh Tools for service debugging
tools.sh The execution sequence is generally like this ：./output Output →docker_build→docker_run→docker_login→docker_push

  
 
 

   
  
  
$cd devops
   
  
  
$chmod +x tool.sh
   
  
  
# View the runnable commands 
   
  
  
$sh tool.sh
   
  
  
 You can run the command :
   
  
  
docker_build  Image compilation , rely on ../output  Folder 
   
  
  
docker_run  Container start up , rely on  docker_build
   
  
  
docker_login  Container login , rely on  docker_run
   
  
  
docker_push  Image push , rely on  docker_build
   
  
  
 
   
  
  
 
   
  
  
#docker_build give an example ：
   
  
  
$sh tool.sh docker_build
   
  
  
[+] Building 1.9s (10/10) FINISHED
   
  
  
 => [internal] load build definition from Dockerfile 0.1s
   
  
  
 => => transferring dockerfile: 37B 0.0s
   
  
  
 => [internal] load .dockerignore 0.0s
   
  
  
 => => transferring context: 2B
   
  
  
... 0.0s
   
  
  
 => exporting to image 0.0s
   
  
  
 => => exporting layers 0.0s
   
  
  
 => => writing image sha256:0a1fba79684a1a74fa200b71efb1669116c8dc388053143775aa7514391cdabf 0.0s
   
  
  
 => => naming to docker.io/project/abc-service 0.0s
   
  
  
 
   
  
  
Use 'docker scan' to run Snyk tests against images to find vulnerabilities and learn how to fix them
   
  
  
 Image compiled successfully ,images_name: project/abc-service
   
  
  
 
   
  
  
 
   
  
  
#docker_run give an example :
   
  
  
$ sh tool.sh docker_run
   
  
  
6720454ce9b6
   
  
  
6720454ce9b6
   
  
  
 Container started ,container_id: e5d7c87fa4de9c091e184d98e98f0a21fd9265c73953af06025282fcef6968a5
   
  
  
 
   
  
  
 
   
  
  
# have access to  docker_login  Log in to the container for code debugging ：
   
  
  
$ sh tool.sh docker_login
   
  
  
sh-4.2# sudo -i
   
  
  
[email protected]:~$
   
  
  
 
   
  
  
 
   
  
  
#docker_push give an example ：
   
  
  
$sh tool.sh docker_push 130 ↵
   
  
  
The push refers to repository [dockerhub.kubekey.local/citybrain/gatekeeper]
   
  
  
4f3c543c4f39: Pushed
   
  
  
54c83eb651e3: Pushed
   
  
  
e4df065798ff: Pushed
   
  
  
26f8c87cc369: Pushed
   
  
  
1fcdf9b8f632: Pushed
   
  
  
c02b40d00d6f: Pushed
   
  
  
8d07545b8ecc: Pushed
   
  
  
ccccb24a63f4: Pushed
   
  
  
30fe9c138e8b: Pushed
   
  
  
6ceb20e477f1: Pushed
   
  
  
76fbea184065: Pushed
   
  
  
471cc0093e14: Pushed
   
  
  
616b2700922d: Pushed
   
  
  
c4af1604d3f2: Pushed
   
  
  
latest: digest: sha256:775e7fbabffd5c8a4f6a7c256ab984519ba2f90b1e7ba924a12b704fc07ea7eb size: 3251
   
  
  
 Image push completed ,image_path: dockerhub.kubekey.local/citybrain/gatekeeper:latest
   
  
  
# Last landing Harbor Test whether the image is uploaded 
   
  
  
https://dockerhub.kubekey.local/harbor/projects/52/repositories/gatekeeper
  
 
 

be based on Syncd Package and build services
1、 Project configuration
New projects

Set up tool.sh The image address generated in .

Set up the build script .

Fill in the build script with reference to the stateful workload .

2、 Create a launch order

3、 Build the deployment package and execute the deployment

4、 Switch to KubeSphere View the deployment effect .

This has been done DevOps And KubeSphere Get through the function of .
Service monitoring ： be based on Nightingale Build enterprise level monitoring
Selection reasons

  

• Visualization engine ： Built in templates , Open the box .
  

  

• Alarm analysis engine ： Flexible management 、 Alarm self healing 、 Open the box .
  

  

• Support Helm Chart One click application and service deployment , In the privatization scenario, we only need to care about container fusion and localization .
  

  
 
 

   
  
  
$ git clone https://github.com/flashcatcloud/n9e-helm.git
   
  
  
$ helm install nightingale ./n9e-helm -n n9e --create-namespace
  
 
 

Demonstration of actual rule configuration

  

• Configure alarm rules , Seamless support PromQL Write various rules flexibly .
  

  

• Configure the alarm receiving group
  

  

• Actually receive alarm messages and recovery messages
  

summary
Due to different business scenarios under privatization delivery , The selection of cloud native applications is also different . This article only introduces our own business scenarios , If you have any questions, please correct , In addition, cloud native applications in other scenarios are also welcome to communicate and discuss with me at any time .

  
 
 

   
  
  
 This article by the blog one article many sends the platform  OpenWrite  Release ！